Models of socio-cyber-physical systems security

The development of technologies and computing resources has not only expanded the range of digital services in all spheres of human activity, but also determined the range of targeted cyber attacks. Targeted attacks are aimed at destroying not only the business structure, but also its individual com...

Täydet tiedot

Tallennettuna:
Bibliografiset tiedot
Päätekijät: Yevseiev, Serhii, Khokhlachova, Yuliia, Ostapov, Serhii, Laptiev, Oleksandr, Korol, Olha, Milevskyi, Stanislav, Milov, Oleksandr, Pohasii, Serhii, Melenti, Yevgen, Hrebeniuk, Vitalii, Havrylova, Alla, Herasуmov, Serhii, Korolev, Roman, Barabash, Oleg, Sobchuk, Valentyn, Kyrychok, Roman, German, Shuklin, Akhramovych, Volodymyr, Savchenko, Vitalii, Golovashych, Sergii, Lezik, Oleksandr, Opirskyy, Ivan, Voitko, Oleksandr, Yerhidzei, Kseniia, Mykus, Serhii, Pribyliev, Yurii, Prokopenko, Oleksandr, Vlasov, Andrii, Dzheniuk, Nataliia, Tolkachov, Maksym
Aineistotyyppi: Online
Kieli:englanti
Julkaistu: PC TECHNOLOGY CENTER 2025
Aiheet:
Linkit:https://directory.doabooks.org/handle/20.500.12854/134824.2
Tagit: Lisää tagi
Ei tageja, Lisää ensimmäinen tagi!
_version_ 1869524282043793408
author Yevseiev, Serhii
Khokhlachova, Yuliia
Ostapov, Serhii
Laptiev, Oleksandr
Korol, Olha
Milevskyi, Stanislav
Milov, Oleksandr
Pohasii, Serhii
Melenti, Yevgen
Hrebeniuk, Vitalii
Havrylova, Alla
Herasуmov, Serhii
Korolev, Roman
Barabash, Oleg
Sobchuk, Valentyn
Kyrychok, Roman
German, Shuklin
Akhramovych, Volodymyr
Savchenko, Vitalii
Golovashych, Sergii
Lezik, Oleksandr
Opirskyy, Ivan
Voitko, Oleksandr
Yerhidzei, Kseniia
Mykus, Serhii
Pribyliev, Yurii
Prokopenko, Oleksandr
Vlasov, Andrii
Dzheniuk, Nataliia
Tolkachov, Maksym
author_browse Akhramovych, Volodymyr
Barabash, Oleg
Dzheniuk, Nataliia
German, Shuklin
Golovashych, Sergii
Havrylova, Alla
Herasуmov, Serhii
Hrebeniuk, Vitalii
Khokhlachova, Yuliia
Korol, Olha
Korolev, Roman
Kyrychok, Roman
Laptiev, Oleksandr
Lezik, Oleksandr
Melenti, Yevgen
Milevskyi, Stanislav
Milov, Oleksandr
Mykus, Serhii
Opirskyy, Ivan
Ostapov, Serhii
Pohasii, Serhii
Pribyliev, Yurii
Prokopenko, Oleksandr
Savchenko, Vitalii
Sobchuk, Valentyn
Tolkachov, Maksym
Vlasov, Andrii
Voitko, Oleksandr
Yerhidzei, Kseniia
Yevseiev, Serhii
author_facet Yevseiev, Serhii
Khokhlachova, Yuliia
Ostapov, Serhii
Laptiev, Oleksandr
Korol, Olha
Milevskyi, Stanislav
Milov, Oleksandr
Pohasii, Serhii
Melenti, Yevgen
Hrebeniuk, Vitalii
Havrylova, Alla
Herasуmov, Serhii
Korolev, Roman
Barabash, Oleg
Sobchuk, Valentyn
Kyrychok, Roman
German, Shuklin
Akhramovych, Volodymyr
Savchenko, Vitalii
Golovashych, Sergii
Lezik, Oleksandr
Opirskyy, Ivan
Voitko, Oleksandr
Yerhidzei, Kseniia
Mykus, Serhii
Pribyliev, Yurii
Prokopenko, Oleksandr
Vlasov, Andrii
Dzheniuk, Nataliia
Tolkachov, Maksym
author_sort Yevseiev, Serhii
collection Directory of Open Access Books
description The development of technologies and computing resources has not only expanded the range of digital services in all spheres of human activity, but also determined the range of targeted cyber attacks. Targeted attacks are aimed at destroying not only the business structure, but also its individual components that determine critical business processes. The continuity of such business processes is a critical component of any company, organization or enterprise of any form of ownership, which has a critical impact on making a profit or organizing production processes. The proposed concept of determining the security level of critical business processes is based on the need to use multiloop information security systems. This makes it possible to ensure the continuity of critical business processes through a timely objective assessment of the level of security and the timely formation of preventive measures. This approach is based on the proposed rules for determining the reach of a given security level, based on assessments of the integrity, availability and confidentiality of information arrays, as well as computer equipment for different points of the organization's business processes. The issues of applying situational management methods to ensure the safe functioning of objects of socio-cyberphysical systems, logical and transformational rules that form the foundation for building a situational type cybersecurity management system are considered. One of the main tasks of systems of this type is described – the task of replenishing the description of the situation. The use of pseudophysical logics, various types of pseudophysical logics, the method of their construction and their interconnection are proposed. Particular attention is paid to causal pseudophysical logic, as the least developed for the purposes of ensuring cybersecurity. The formation of smart technologies, as a rule, uses the wireless standards of communication channels IEEE 802.11X, IEEE 802.15.4, IEEE 802.16, which use only authentication protocols and privacy mechanisms that are formed on the basis of symmetric algorithms. In the conditions of the post-quantum period (the appearance of a full-scale quantum computer), the stability of such algorithms is questioned. Such systems, as a rule, are formed on the basis of the synthesis of socio-cyber-physical systems and cloud technologies, which simplifies the implementation of Advanced Persistent Threat attacks, both on the internal loop of control systems and on the external one. The proposed creation of multi-circuit information protection systems allows for an objective assessment of the flow state of the system as a whole and the formation of preventive measures against cyber threats. In the thied chapter, models of probable threats and information protection in public networks are proposed. The most general model of the formal description of the protection system is the model of the security system with full overlap, in which a complete list of protection objects and threats to information is determined, and means of ensuring security are determined from the point of view of their effectiveness and contribution to ensuring the security of the entire telecommunications system. It is also shown that the combination of four models (M1, M2, M3, M4) in various variants provides wide opportunities for modeling various known types of threats and their implementation. However, in connection with the continuity of the process of developing new and improving existing methods and means of implementing threats, it is necessary to use such approaches to ensuring information protection that allow detecting and preventing threats of unknown types and carrying out dynamic correction of protection behavior, adapting it to specific application conditions. The M5 basic model is described, which enables continuous refinement of threat classes and response measures, and continuous training of the adaptive component of the CSI, which, in turn, detects and prevents threats of unknown types. The M6 basic model is introduced with the aim of obtaining higher security due to the presence of a special module of internal diagnostics that diagnoses the entire protection system, decides on the correction of the SHI behavior algorithm, and makes it possible to achieve SHI fault tolerance; a special module that diagnoses the communication channel with subsequent changes in the level of protection, allows to achieve the adaptability of the SHI. The fourth chapter is deal with the development of cryptographic primitives based on cellular automata. The definition of a cellular automaton is given and the elementary rules of intercellular interaction are described. A number of generators of pseudorandom binary sequences have been developed based on a combination of elementary rules of intercellular interaction, as well as cell interaction according to a rule of our own development. In the “cryptographic sponge” architecture, a cryptographic hashing function with a shuffling function based on cellular automata was developed and its statistical characteristics and avalanche effect were investigated. A block cipher in the SP-network architecture is constructed, in which cellular automata are used to deploy the key, and the encryption process is based on elementary procedures of replacement and permutation. Substitution blocks are used from the well-known AES cipher, a description of a stream cipher is given, where a personal computer keyboard and mouse are used as the initial entropy. Random data received from the specified devices is processed by a proprietary hashing function based on a "cryptographic sponge". All developed cryptographic functions and primitives demonstrated good statistical characteristics and avalanche properties. The fifth chapter proposes a methodology for analyzing the quality of the mechanism for validating the identified vulnerabilities of a corporate network, which is based on integral equations that take into account the quantitative characteristics of the vulnerability validation mechanism under study at a certain point in time. This technique allows you to build the laws of distribution of quality indicators of the vulnerability validation process and quantify the quality of the mechanism for validating detected vulnerabilities, which allows you to monitor and control the validation of identified vulnerabilities in real time during active security analysis. A method is proposed for constructing a fuzzy knowledge base for making decisions when validating vulnerabilities of software and hardware platforms with an active analysis of the security of a target corporate network based on the use of fuzzy logic, which makes it possible to provide reliable information about the quality of the mechanism for validating vulnerabilities indirectly. The constructed knowledge base allows you to form decisive decision-making rules for the implementation of a particular attacking action, which allows you to develop expert systems to automate the decision-making process when validating the identified vulnerabilities of target information systems and networks. An improved method of automatic active security analysis is proposed, which, based on the synthesis of the proposed models, techniques and methods, allows, in contrast to the existing ones, to abstract from the conditions of dynamic changes in the environment, i.e. constant development of information technologies, which leads to an increase in the number of vulnerabilities and corresponding attack vectors, as well as an increase in ready-to-use exploits of vulnerabilities and their availability, and take into account only the quality parameters of the vulnerability validation process itself.
format Online
id doab-20.500.12854ir-134824.2
institution Directory of Open Access Books
language eng
publishDate 2025
publishDateRange 2025
publishDateSort 2025
publisher PC TECHNOLOGY CENTER
publisherStr PC TECHNOLOGY CENTER
record_format ojs
spelling doab-20.500.12854ir-134824.22025-08-29T14:18:32Z Models of socio-cyber-physical systems security Yevseiev, Serhii Khokhlachova, Yuliia Ostapov, Serhii Laptiev, Oleksandr Korol, Olha Milevskyi, Stanislav Milov, Oleksandr Pohasii, Serhii Melenti, Yevgen Hrebeniuk, Vitalii Havrylova, Alla Herasуmov, Serhii Korolev, Roman Barabash, Oleg Sobchuk, Valentyn Kyrychok, Roman German, Shuklin Akhramovych, Volodymyr Savchenko, Vitalii Golovashych, Sergii Lezik, Oleksandr Opirskyy, Ivan Voitko, Oleksandr Yerhidzei, Kseniia Mykus, Serhii Pribyliev, Yurii Prokopenko, Oleksandr Vlasov, Andrii Dzheniuk, Nataliia Tolkachov, Maksym Yevseiev, Serhii Khokhlachova, Yuliia Ostapov, Serhii Laptiev, Oleksandr Cybersecurity models of the threat crypto-code constructions simulation modelling automation radio engineering research security measures thema EDItEUR::U Computing and Information Technology::UR Computer security The development of technologies and computing resources has not only expanded the range of digital services in all spheres of human activity, but also determined the range of targeted cyber attacks. Targeted attacks are aimed at destroying not only the business structure, but also its individual components that determine critical business processes. The continuity of such business processes is a critical component of any company, organization or enterprise of any form of ownership, which has a critical impact on making a profit or organizing production processes. The proposed concept of determining the security level of critical business processes is based on the need to use multiloop information security systems. This makes it possible to ensure the continuity of critical business processes through a timely objective assessment of the level of security and the timely formation of preventive measures. This approach is based on the proposed rules for determining the reach of a given security level, based on assessments of the integrity, availability and confidentiality of information arrays, as well as computer equipment for different points of the organization's business processes. The issues of applying situational management methods to ensure the safe functioning of objects of socio-cyberphysical systems, logical and transformational rules that form the foundation for building a situational type cybersecurity management system are considered. One of the main tasks of systems of this type is described – the task of replenishing the description of the situation. The use of pseudophysical logics, various types of pseudophysical logics, the method of their construction and their interconnection are proposed. Particular attention is paid to causal pseudophysical logic, as the least developed for the purposes of ensuring cybersecurity. The formation of smart technologies, as a rule, uses the wireless standards of communication channels IEEE 802.11X, IEEE 802.15.4, IEEE 802.16, which use only authentication protocols and privacy mechanisms that are formed on the basis of symmetric algorithms. In the conditions of the post-quantum period (the appearance of a full-scale quantum computer), the stability of such algorithms is questioned. Such systems, as a rule, are formed on the basis of the synthesis of socio-cyber-physical systems and cloud technologies, which simplifies the implementation of Advanced Persistent Threat attacks, both on the internal loop of control systems and on the external one. The proposed creation of multi-circuit information protection systems allows for an objective assessment of the flow state of the system as a whole and the formation of preventive measures against cyber threats. In the thied chapter, models of probable threats and information protection in public networks are proposed. The most general model of the formal description of the protection system is the model of the security system with full overlap, in which a complete list of protection objects and threats to information is determined, and means of ensuring security are determined from the point of view of their effectiveness and contribution to ensuring the security of the entire telecommunications system. It is also shown that the combination of four models (M1, M2, M3, M4) in various variants provides wide opportunities for modeling various known types of threats and their implementation. However, in connection with the continuity of the process of developing new and improving existing methods and means of implementing threats, it is necessary to use such approaches to ensuring information protection that allow detecting and preventing threats of unknown types and carrying out dynamic correction of protection behavior, adapting it to specific application conditions. The M5 basic model is described, which enables continuous refinement of threat classes and response measures, and continuous training of the adaptive component of the CSI, which, in turn, detects and prevents threats of unknown types. The M6 basic model is introduced with the aim of obtaining higher security due to the presence of a special module of internal diagnostics that diagnoses the entire protection system, decides on the correction of the SHI behavior algorithm, and makes it possible to achieve SHI fault tolerance; a special module that diagnoses the communication channel with subsequent changes in the level of protection, allows to achieve the adaptability of the SHI. The fourth chapter is deal with the development of cryptographic primitives based on cellular automata. The definition of a cellular automaton is given and the elementary rules of intercellular interaction are described. A number of generators of pseudorandom binary sequences have been developed based on a combination of elementary rules of intercellular interaction, as well as cell interaction according to a rule of our own development. In the “cryptographic sponge” architecture, a cryptographic hashing function with a shuffling function based on cellular automata was developed and its statistical characteristics and avalanche effect were investigated. A block cipher in the SP-network architecture is constructed, in which cellular automata are used to deploy the key, and the encryption process is based on elementary procedures of replacement and permutation. Substitution blocks are used from the well-known AES cipher, a description of a stream cipher is given, where a personal computer keyboard and mouse are used as the initial entropy. Random data received from the specified devices is processed by a proprietary hashing function based on a "cryptographic sponge". All developed cryptographic functions and primitives demonstrated good statistical characteristics and avalanche properties. The fifth chapter proposes a methodology for analyzing the quality of the mechanism for validating the identified vulnerabilities of a corporate network, which is based on integral equations that take into account the quantitative characteristics of the vulnerability validation mechanism under study at a certain point in time. This technique allows you to build the laws of distribution of quality indicators of the vulnerability validation process and quantify the quality of the mechanism for validating detected vulnerabilities, which allows you to monitor and control the validation of identified vulnerabilities in real time during active security analysis. A method is proposed for constructing a fuzzy knowledge base for making decisions when validating vulnerabilities of software and hardware platforms with an active analysis of the security of a target corporate network based on the use of fuzzy logic, which makes it possible to provide reliable information about the quality of the mechanism for validating vulnerabilities indirectly. The constructed knowledge base allows you to form decisive decision-making rules for the implementation of a particular attacking action, which allows you to develop expert systems to automate the decision-making process when validating the identified vulnerabilities of target information systems and networks. An improved method of automatic active security analysis is proposed, which, based on the synthesis of the proposed models, techniques and methods, allows, in contrast to the existing ones, to abstract from the conditions of dynamic changes in the environment, i.e. constant development of information technologies, which leads to an increase in the number of vulnerabilities and corresponding attack vectors, as well as an increase in ready-to-use exploits of vulnerabilities and their availability, and take into account only the quality parameters of the vulnerability validation process itself. Published 2025-08-29T14:18:30Z 2024-02-26T15:06:38Z 2025-08-29T14:18:30Z 2023-06-29 book 978-617-7319-72-5 https://directory.doabooks.org/handle/20.500.12854/134824.2 eng image/jpeg Attribution-NonCommercial-NoDerivatives 4.0 International https://monograph.com.ua/catalog/book/978-617-7319-72-5 PC TECHNOLOGY CENTER 10.15587/978-617-7319-72-5 10.15587/978-617-7319-72-5 105e2329-8f11-44ef-beca-adf5b71eb8f4 978-617-7319-72-5 184 Kharkiv, Ukraine open access
spellingShingle Cybersecurity
models of the threat
crypto-code constructions
simulation modelling
automation
radio engineering research
security measures
thema EDItEUR::U Computing and Information Technology::UR Computer security
Yevseiev, Serhii
Khokhlachova, Yuliia
Ostapov, Serhii
Laptiev, Oleksandr
Korol, Olha
Milevskyi, Stanislav
Milov, Oleksandr
Pohasii, Serhii
Melenti, Yevgen
Hrebeniuk, Vitalii
Havrylova, Alla
Herasуmov, Serhii
Korolev, Roman
Barabash, Oleg
Sobchuk, Valentyn
Kyrychok, Roman
German, Shuklin
Akhramovych, Volodymyr
Savchenko, Vitalii
Golovashych, Sergii
Lezik, Oleksandr
Opirskyy, Ivan
Voitko, Oleksandr
Yerhidzei, Kseniia
Mykus, Serhii
Pribyliev, Yurii
Prokopenko, Oleksandr
Vlasov, Andrii
Dzheniuk, Nataliia
Tolkachov, Maksym
Models of socio-cyber-physical systems security
title Models of socio-cyber-physical systems security
title_full Models of socio-cyber-physical systems security
title_fullStr Models of socio-cyber-physical systems security
title_full_unstemmed Models of socio-cyber-physical systems security
title_short Models of socio-cyber-physical systems security
title_sort models of socio cyber physical systems security
topic Cybersecurity
models of the threat
crypto-code constructions
simulation modelling
automation
radio engineering research
security measures
thema EDItEUR::U Computing and Information Technology::UR Computer security
topic_facet Cybersecurity
models of the threat
crypto-code constructions
simulation modelling
automation
radio engineering research
security measures
thema EDItEUR::U Computing and Information Technology::UR Computer security
url https://directory.doabooks.org/handle/20.500.12854/134824.2
work_keys_str_mv AT yevseievserhii modelsofsociocyberphysicalsystemssecurity
AT khokhlachovayuliia modelsofsociocyberphysicalsystemssecurity
AT ostapovserhii modelsofsociocyberphysicalsystemssecurity
AT laptievoleksandr modelsofsociocyberphysicalsystemssecurity
AT korololha modelsofsociocyberphysicalsystemssecurity
AT milevskyistanislav modelsofsociocyberphysicalsystemssecurity
AT milovoleksandr modelsofsociocyberphysicalsystemssecurity
AT pohasiiserhii modelsofsociocyberphysicalsystemssecurity
AT melentiyevgen modelsofsociocyberphysicalsystemssecurity
AT hrebeniukvitalii modelsofsociocyberphysicalsystemssecurity
AT havrylovaalla modelsofsociocyberphysicalsystemssecurity
AT herasumovserhii modelsofsociocyberphysicalsystemssecurity
AT korolevroman modelsofsociocyberphysicalsystemssecurity
AT barabasholeg modelsofsociocyberphysicalsystemssecurity
AT sobchukvalentyn modelsofsociocyberphysicalsystemssecurity
AT kyrychokroman modelsofsociocyberphysicalsystemssecurity
AT germanshuklin modelsofsociocyberphysicalsystemssecurity
AT akhramovychvolodymyr modelsofsociocyberphysicalsystemssecurity
AT savchenkovitalii modelsofsociocyberphysicalsystemssecurity
AT golovashychsergii modelsofsociocyberphysicalsystemssecurity
AT lezikoleksandr modelsofsociocyberphysicalsystemssecurity
AT opirskyyivan modelsofsociocyberphysicalsystemssecurity
AT voitkooleksandr modelsofsociocyberphysicalsystemssecurity
AT yerhidzeikseniia modelsofsociocyberphysicalsystemssecurity
AT mykusserhii modelsofsociocyberphysicalsystemssecurity
AT pribylievyurii modelsofsociocyberphysicalsystemssecurity
AT prokopenkooleksandr modelsofsociocyberphysicalsystemssecurity
AT vlasovandrii modelsofsociocyberphysicalsystemssecurity
AT dzheniuknataliia modelsofsociocyberphysicalsystemssecurity
AT tolkachovmaksym modelsofsociocyberphysicalsystemssecurity